package com.blb.day20231106springsecurity.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class HelloController {

    @PreAuthorize("hasRole('管理员')")
    @RequestMapping("hello")
    public String hello(){
        return "Hello Security!!";
    }

    //注解配置访问权限
    @PreAuthorize("hasRole('销售主管') and hasAuthority('销售管理')")
    @RequestMapping("hello2")
    public String hello2(){
        return "hello2!!!";
    }
}
